package com.ygsoft.tianlu_mall.security;

import com.ygsoft.tianlu_mall.exception.AccountException;
import com.ygsoft.tianlu_mall.util.EncryptKit;
import com.ygsoft.tianlu_mall.util.ResultModel;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller
public class LoginHandler {

    @RequestMapping(value = "/shirologin")
    @ResponseBody
    public ResultModel shirologin(String user_name, String user_password) {

        try {
            Subject currentUser = SecurityUtils.getSubject();
            //未认证登录
            if(!currentUser.isAuthenticated()) {
                //密码进行MD5加密
                UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(user_name, EncryptKit.MD5(user_password));
                //认证登陆
                currentUser.login(usernamePasswordToken);
            }
        } catch (AuthenticationException e) {
            if(e instanceof AccountException) {
                return new ResultModel(1, "账号或密码错误");
            }
        }
        return new ResultModel(0, "登陆成功");
    }

    /**
     * 登出
     * @return
     */
    @RequestMapping("/shirologout")
    public String shirologout() {
        try {
            Subject subject = SecurityUtils.getSubject();
            if(subject.isAuthenticated()) {
                subject.logout();
                //登出成功
                return "redirect:/login.jsp";
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return "redirect:/home.jsp";
    }

}
